Cyber security professionals in Australia are coming together and volunteering their services to protect health facilities and small charities from cyber attack during the COVID-19 crisis.
The group, Cyber Volunteers-19 Australia, has been formed in response to a call to action from the founders of the UK’s CV19 group, created for the same purpose by prominent cyber security professional Lisa Forte, a partner at Red Goat Cyber Security.
The founder of the Australian group is Louisa Vogelenzang, associate managing director for data breach and identity theft a global cyber risk firm Kroll. She told CSO Australia, “I saw Lisa’s LinkedIn post and so did Dan Goldberg [principal partner at cyber security advisory firm Cybza]. We shared it and said, ‘Let's get something started in Australia’. Then we connected to each other and we brought onboard another couple of people: Gareth Willis [director of Cognitive Security] based out of Hobart, and Jacqui Loustau, founder of the Australian Women in Security Network.”
A closed group had been set up on LinkedIn where cyber security professionals can express interest in joining the group, and there’s a public page to keep people updated on the group’s progress and activities.
“We want to vet any potential volunteers in terms of their cybersecurity credentials and ensure that they're part of our trusted network,” Vogelenzang said. “We are growing quite quickly as the word gets out. We've got over 40 volunteers who have put their hand up already. I think the UK is at 3,000, but they they're managing Europe-wide.”
There is no equivalent group in New Zealand yet, but Vogelenzang said the Australian group would extend its services to New Zealand if required. “Or, if somebody wants to set up a group in New Zealand we'd happily partner with them and share everything we've learned from the UK.”
She said the group aimed to make its members available for any cyber security requirements from the health sector. “For example, if they get hit by ransomware. … We're also collating a list of security companies that are offering pro bono service and technology during this time to make it really easy and transparent for a healthcare provider to see what they might be able to get help with. We are seeing a lot of technology vendors offering free licenses. So if we can coordinate a list of available services and technology and capture things like: ‘How long is the license free for?’ ‘Are you going to charge for it after that time?’ We can bring some transparency to those who most need that assistance at this time.”
Vogelenzang said the group was yet to receive any requests for help from the healthcare sector but was already providing assistance to a microcharity that needs to get staff having to work from home connected securely. “The challenge is that those home routers might have default passwords on them or maybe they don't have the latest patched version of the operating system,” she said.
The group has partnered non-profit organisation IDCare, which will supply volunteers to help microcharities in Australia and New Zealand get their remote workers secured as quickly as possible.
Vogelenzang said IDCare had developed technology and systems to enable remote support and configuration. “They've been working with the University of the Sunshine Coast. They will onboard our volunteers who want to work on that particular job and that have the right skills for that job. … We can do a lot of things remotely to assist those micro charities who otherwise would have no access or budget for any security for those staff.”